An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with exploit-development

A curated list of projects in awesome lists tagged with exploit-development.

https://github.com/projectdiscovery/nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

bugbounty exploit-development exploits fingerprint hacktoberfest nuclei nuclei-checks nuclei-templates security vulnerability-detection

Last synced: 14 May 2025

https://github.com/hugsy/gef

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

binary-ninja ctf debugging discord exploit exploit-development gdb gef ida-pro linux malware-analysis mips powerpc pwn pwntools python python-api reverse-engineering sparc

Last synced: 07 May 2025

https://hugsy.github.io/gef/

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

binary-ninja ctf debugging discord exploit exploit-development gdb gef ida-pro linux malware-analysis mips powerpc pwn pwntools python python-api reverse-engineering sparc

Last synced: 11 May 2025

https://github.com/0vercl0k/rp

rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.

binary-exploitation exploit-development exploitation-framework gadget return-oriented-programming rop rop-chain rop-gadgets

Last synced: 14 May 2025

https://github.com/jxy-s/herpaderping

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

antivirus antivirus-evasion exploit exploit-development exploit-framework exploitation exploits process-doppelganging process-herpaderping process-hollowing process-migration security security-vulnerability vulnerability windows windows-10 windows-7 windows-defender

Last synced: 16 May 2025

https://github.com/cryptogenic/exploit-writeups

A collection where my current and future writeups for exploits/CTF will go

capture-the-flag exploit-development exploitation vulnerabilities

Last synced: 02 Apr 2025

https://github.com/0xricksanchez/like-dbg

Fully dockerized Linux kernel debugging environment

ctf ctf-tools debugging docker exploit exploit-development gdb kernel linux linux-kernel pwn qemu

Last synced: 16 May 2025

https://github.com/Cryptogenic/Exploit-Writeups

A collection where my current and future writeups for exploits/CTF will go

capture-the-flag exploit-development exploitation vulnerabilities

Last synced: 13 Mar 2025

https://github.com/boyan-milanov/ropium

ROPium is a tool that helps you build ROP exploits by finding and chaining gadgets together

binary-exploitation chaining-gadgets exploit-development gadget rop-chain rop-exploits rop-gadgets security security-vulnerability semantic

Last synced: 05 Apr 2025

https://github.com/ant4g0nist/Vulnerable-Kext

A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation

driver exploit-development exploitation ios kernel macos memory-corruption vulnerabilities xnu

Last synced: 22 Apr 2025

https://github.com/out-of-tree/out-of-tree

out-of-tree kernel {module, exploit} development tool

exploit-development linux-kernel out-of-tree

Last synced: 12 Apr 2025

https://github.com/huskyhacks/shadowsteal

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

exploit exploit-development nim windows

Last synced: 26 Mar 2025

https://github.com/HuskyHacks/ShadowSteal

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

exploit exploit-development nim windows

Last synced: 21 Nov 2024

https://github.com/svenito/exploit-pattern

generate and search pattern string for exploit development

debruijn exploit exploit-development python

Last synced: 13 Apr 2025

https://github.com/Svenito/exploit-pattern

generate and search pattern string for exploit development

debruijn exploit exploit-development python

Last synced: 13 Mar 2025

https://github.com/ihack4falafel/osce

Collection of things made during my preparation to take on OSCE

exploit-code exploit-development exploit-exercises exploits osce

Last synced: 08 May 2025

https://github.com/wangyihang/exploit-framework

:fire: An Exploit framework for Web Vulnerabilities written in Python

exploit-development exploit-framework exploits vulnerability

Last synced: 21 Apr 2025

https://github.com/rcx/shellcode_encoder

x64 printable shellcode encoder

exploit-development shellcode x86-64

Last synced: 14 Apr 2025

https://github.com/ajayrandhawa/cryptolocker

CryptoLocker is an open source file encrypter. Crypto is developed in Visual C++. Its features are to encrypt all files, lock down the system and send keys back to the server. Multi-threaded functionality helps this tool make encryption faster.

blackcat crypto exploit exploit-development hacking-tools ransomware ransomware-detection wannacry

Last synced: 16 Mar 2025

https://github.com/riz-ve/xeno

Xeno: An external script executor for Roblox made entirely in C++. It uses a working but detected method of overwriting the bytecode of a corescript to manage script execution

cpp cpp-httplib csharp executors-for-roblox exploit exploit-development httplib learning-resources lua luau roblox roblox-executer visual-studio xxhash zstd

Last synced: 05 Apr 2025

https://github.com/ignis-sec/cve-2023-38831-rarce

An easy to install and easy to run tool for generating exploit payloads for CVE-2023-38831, WinRAR RCE before versions 6.23

archive exploit exploit-development rce security winrar

Last synced: 06 May 2025

https://github.com/redcode-labs/bmj

Code snippets for bare-metal malware development

assembly buffer-overflow exploit-development exploitation malware-research shellcode

Last synced: 15 Apr 2025

https://github.com/ihack4falafel/osee

Collection of things made during my preparation to take on OSEE

exploit-code exploit-development exploit-exercises exploits osee

Last synced: 21 Nov 2024

https://github.com/epi052/osce-exam-practice

Proof of Concept exploit scripts and fuzzing templates. Companion blog posts located at https://epi052.gitlab.io/notes-to-self/blog/2020-05-13-osce-exam-practice-part-one/

ctp exploit-development exploitation osce osce-exam-practice osce-prep

Last synced: 22 Mar 2025

https://github.com/ajayrandhawa/hidden-screen-capture

It is primarily designed to be hidden and to monitor the computer activity. Takes a screenshot of the desktop in hidden mode using Visual C++ and saves it automatically to a 'jpeg' file every 30 seconds. 60+ of the most popular antivirus products do not detect this application while it is running in the background.

blackcat cplusplus exploit-development gdi-plus gdiplus hidden screen-capture stealthy-trojans visualcpp

Last synced: 22 Nov 2024

https://github.com/lem0nsec/ecxd

A collection of exploits and exercises developed while preparing for the eCXD exam!

binary-exploitation exploit-development

Last synced: 12 Apr 2025

https://github.com/martinclauss/syscall_number

This tool gives you the Linux system call number (32bit and 64bit x86) for a system call name (e.g., read, write, ...).

asm assembly cli ctf exploit-development linux pwn python rop shellcode-development syscalls x86-32 x86-64

Last synced: 16 Dec 2024

https://github.com/cris-m/buffer-overflow-exploit-development

This repo explains in detail buffer overflow exploit development for Windows executables.

education exploit-development fuzzing immunitydebugger mona msfvenom-payload python reverse-engineering spiking

Last synced: 27 Jan 2025

https://github.com/hugsy/ropgadget-rs

Another (bad) ROP gadget finder, but this time in Rust

exploit-development pwn rop rop-gadget-finder ropgadget rust

Last synced: 10 Apr 2025

https://github.com/0xricksanchez/shellcoder

Binary Ninja plugin for a ShellStorm-like assembly/disassembly experience

assembler binaryninja-plugin disassembler exploit-development pwn shellcode

Last synced: 10 Apr 2025

https://github.com/keramas/windowskernelexploits

Repository for Windows 10 x64 kernel research, exploitation learning, and reference/supplementary code.

drivers exploit-development kernel shellcode windows windows-10

Last synced: 30 Apr 2025

https://github.com/x86-512/vxpp

VFGadget locator to facilitate Counterfeit Object-Oriented Programming (COOP) and Loop-Oriented Programming (LOP) attacks to bypass advanced security protections like Intel CET and Control-Flow Guard (CFG) to achieve Remote Code Execution.

binary-exploitation buffer-overflow cet cfg code-reuse control-flow-guard control-flow-integrity coop exploit exploit-development intel-cet lop rce rce-exploit rop rop-gadgets ropgadget security-bypass uaf use-after-free

Last synced: 29 Apr 2025

https://github.com/joanbono/gottern

Golang port for Metasploit's pattern_create and pattern_offset

buffer-overflow exploit-development go golang metasploit oscp oscp-tools pattern-create pattern-offset

Last synced: 12 Jan 2025

https://github.com/grayhatacademy/mow

Mips Overflow Writer - Quickly write MIPS big/little overflows.

exploit-development mips mips-exploitation mips-overflow-writer overflows

Last synced: 10 Apr 2025

https://github.com/pithase/asm-payloads-loaders

Step-by-step development of payload loaders, written exclusively in x86-64 Assembly for Linux, with no external dependencies and using only syscalls.

assembly binary-exploitation exploit-development linux loader-development low-level offensive-security payload-development red-teaming shellcode-development syscall x86-64

Last synced: 11 Apr 2025

https://github.com/mrtaheramine/cve-2018-10583

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by "xlink:href=file://192.168.0.2/test.jpg" within an "office:document-content" element in a ".odt XML document".

cve-2018-10583 exploit exploit-db exploit-development py

Last synced: 09 Apr 2025

https://github.com/martinclauss/exim-rce-cve-2018-6789

This repository provides a learning environment to understand how an Exim RCE exploit for CVE-2018-6789 works.

binary-exploitation cve docker educational exim exim-exploit exploit exploit-development gdb learning-by-doing pwndbg pwntools rce vagrant

Last synced: 16 Dec 2024

https://github.com/bmedicke/reed

notes about 🔍 Reverse Engineering and 🔥 Exploit Development

debugging exploit-development reverse-engineering security

Last synced: 02 Apr 2025

https://github.com/geniuszly/cve-2022-46080

It is a script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/geniuszly/CVE-2022-46080

It is a script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.

buffer-overflow cve cve-2022-46080 cybersecurity ethical-hacking exploit exploit-development linux nexxt nexxt-router penetration-testing poc rce rce-exploit router security telnet vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/algoatson/shellstorm-qt

Minimal Cross-Platform GUI written in Qt6 for shell-storm.org, allows to search, edit and save shellcode at your will.

exploit-development exploitation gui reverse-shell shellcode shellstorm

Last synced: 15 Apr 2025

https://github.com/x86byte/ropme

Windows Exploit development: Bypass Data Execution Prevention (DEP) using ROP chains manually hard code

exploit-development return-oriented-programming user-mode windows-exploitation

Last synced: 15 Apr 2025

https://github.com/x86byte/ROPme

Windows Exploit development: Bypass Data Execution Prevention (DEP) using ROP chains manually hard code

exploit-development return-oriented-programming user-mode windows-exploitation

Last synced: 10 May 2025

https://github.com/geniuszly/CVE-2022-45701

It is a script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 07 May 2025

https://github.com/geniuszly/cve-2022-45701

It is a script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.

arris arris-modem arris-router buffer-overflow cve cve-2022-45701 cybersecurity ethical-hacking exploit exploit-development linux penetration-testing poc python security snmp vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/geniuszly/cve-2022-44149

It is a script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.

cve cve-2022-44149 cybersecurity ethical-hacking exploit exploit-development linux payload penetration-testing poc privilege-escalation security vulnerability vulnerability-research

Last synced: 11 Apr 2025

https://github.com/lakshayd02/exploit_development_framework_c

A C-based exploit development framework and fuzzing tool designed to test application robustness and security by generating random payloads and targeting vulnerabilities. Automate vulnerability discovery and improve application resilience! 🛡️

c exploit-development exploitation-framework fuzzing fuzzing-tool

Last synced: 10 Apr 2025

https://github.com/winterrdog/shellcode-myner

Extracts shellcode from any specified binary/object file.

elf exploit-development linux rust rust-language security-tools shellcode shellcode-development unix

Last synced: 15 May 2025

https://github.com/0xrar/cve-2021-29447-poc

A proof of concept exploit for a wordpress 5.6 media library vulnerability

cve cve-2021-29447 exploit-development python3 websecurity wordpress

Last synced: 14 Dec 2024

https://github.com/harsh098/win32spy

A simple Windows-based multithreaded and multiprocessing-enabled spyware written as a hobby project. It consists of a keylogger, audio spy, screenshot grabber, system reconnaissance and a clipboard spy

cybersecurity exploit-development python spyware

Last synced: 22 Nov 2024

https://github.com/0xvpr/vpr-shell-shock

A C99/C++17 compatible header only library capable of creating position independent shellcode.

binary exploit-development header-only header-only-library pe32 pe32plus position-independent-code shellcode shellcode-development windows

Last synced: 02 Jan 2025

https://github.com/totekuh/shellcrafter

Scripts, tools and code snippets for exploit development/assembly/shellcoding

assembly exploit exploit-development keystone pip python3 shellcode

Last synced: 15 Apr 2025

https://github.com/x86byte/exploit-development-notes

Exploit development Notes - Exploit development RoadMap - Exploit development advices - Exploit development Tips - Exploit development Windows - Exploit development Kernel Mode & User Mode - learning about Exploit Development

cfg exploit-development kaslr kernel-mode reverse-engineering user-mode windows-exploitation

Last synced: 20 Jun 2025

https://github.com/jelchison/launch-bash-without-aslr

Shell script to launch a Bash instance, from which all child processes will have ASLR disabled

aslr bash bash-hacks bash-script ctf exploit-development exploit-exercises exploitation shell

Last synced: 27 Mar 2025

https://github.com/francescolucarini/pwnable.kr-exploits

Some exploits for the CTF pwnable.kr written in python3 with pwntools

exploit-development pwn pwnable-kr pwntools python3

Last synced: 23 Feb 2025

https://github.com/0xor0ne/doc-revexp

Docker image with tools for reverse engineering and exploit development activities.

debugging docker emulation exploit-development malware-analysis reverse-engineering

Last synced: 23 Apr 2025

https://github.com/lem0nsec/cve-2010-5301

A proof of concept of an SEH overflow with arbitrary dll injection

cve exploit-development windows

Last synced: 04 Mar 2025

https://github.com/7etsuo/findppr

A handy WinDBG script for finding PPR instructions

buffer-overflow buffer-overflow-attack exploit-development exploitation hacking osed ppr

Last synced: 18 Feb 2025

https://github.com/marcolugo/vulnserver

Different exploits created for Vulnserver

exploit-development security shellcode

Last synced: 06 Apr 2025

https://github.com/ring0-c0d3-br34k3r/exploit-development-notes

Exploit development Notes - Exploit development RoadMap - Exploit development advices - Exploit development Tips - Exploit development Windows - Exploit development Kernel Mode & User Mode - learning about Exploit Development

cfg exploit-development kaslr kernel-mode reverse-engineering user-mode windows-exploitation

Last synced: 10 May 2025

https://github.com/franckferman/cauchemar-apprendre_le_pwn

Comprehensive reference for gaining an in-depth understanding of the fundamentals of binary exploitation. The result of a rigorous analytical approach, this guide offers structured teaching, with detailed explanations and concrete examples, for mastering binary exploitation step by step.

apprendre apprendre-les-bases apprendre-pwn binary-exploitation exploit exploit-development exploitation francais francaise france gdb heap-overflow learning pwn pwn-college pwn-course-practice pwndbg pwning reverse-engineering stack-overflow

Last synced: 07 Apr 2025

https://github.com/masterofbrokenlogic/whonow

A malicious DNS server for executing DNS Rebinding attacks on the fly. whonow lets you specify DNS responses and rebind rules dynamically using domain requests themselves.

cybersecurity dns-rebinding dns-server educational exploit-development hacking-tools malicious-software networking open-source penetration-testing software

Last synced: 13 May 2025